How to Spot a Hacker

Cyber hacking: the dark side of the digital age

The more we grow and evolve into a digital society, the more difficult it becomes for those who did not grow up in this complex age of technology. What’s even more unsettling both to those with a background in technology and to those without is the idea of “hackers.” With the rise in digital communication, online transactions and cloud-based data storage, hackers have become the modern day equivalent of bank robbers and train hijackers. Except, instead of breaking into homes and stealing television sets and jewelry, hackers break into personal emails and online company data to steal and encrypt important files. In this issue of To The Point, we explore the different types of hackers who exist, how they operate and what tools they use to take advantage of weaknesses in a company’s security.

Hackers come in various types:

  • White hat – an ethical hacker who is hired to find vulnerabilities for a company.
  • Black hat – the classic hacker who gains unauthorized access to various systems.
  • Grey hat – a hacker who gets unauthorized access but reveals the weakness to the company.

Methodology of Hacking

The act of hacking is broken out into 4 main segments, as shown in the diagram below:

Informational Gathering

  • Focused on collecting as much information as possible about the organization you want to compromise.
  • Motive is to identify the entry and exit points.
  • Basic Methods:
    • Passive – To gain information about the targeted organization’s cyber infrastructure without actively engaging with the systems.
      • WHOIS
        • Anyone can use this service to search databases and identify the registrant of a domain name and other information.
        • It also provides information such as IP address, name servers, admin contact, etc.
      • Google Dork
        • It uses the Google search engine to find security holes in web applications on the internet.
        • It locates specific strings of text within search results.
      • DNS Info gathering
        • dnsenum: a tool in the BackTrack / Kali OS. It queries DNS servers and gathers information:
        • Host address / Name servers / MX records / Gathering SOA records
      • Social Engineering
        • Find out more information, and the likelihood of disclosure of information that could assist in cracking a password.
      • Dumpster Diving
    • Active – Interact directly with a system of interest.
      • Ping
        • It is used to test the reachability of a system.
        • It works at the network layer.
      • Traceroute
        • It is used to gather information about network infrastructure and IP ranges of a given host.

Thinking like a hacker…

Scanning

Now that we understand how to create a profile of the target organization by finding the network information, we need to find information about the specific IP addresses that can be accessed over the Internet, along with the OS, accessible ports, network architecture, services running, etc.

  • Types of scanning:
    • Network / Wifi
    • Port
    • Vulnerability
  • Vulnerability Scanning
    • Once we have identified the accessible ports and the services running on them, we need to find the vulnerabilities associated with those applications.
    • Tools:
      • Web Application: Acunetix, BurpSuite, etc.
      • Network Security: Nessus
      • Mobile Security: Veracode, TenableSecurity, etc.
    • WebGoat
      • Insecure web application maintained by OWASP designed to teach web application security lessons.
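
Port scanning is also one of the easier stages to spot from the defender's side, because one source touches many ports on one host in a short time. The Python below is an added example, not part of the original newsletter; the log format, the addresses and the thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample firewall log (not real traffic):
# time, source IP, destination IP, destination port, action
SAMPLE_LOG = """\
10:00:01 203.0.113.7 192.0.2.10 21 DENY
10:00:01 203.0.113.7 192.0.2.10 22 ALLOW
10:00:02 203.0.113.7 192.0.2.10 23 DENY
10:00:02 198.51.100.4 192.0.2.10 443 ALLOW
10:00:03 203.0.113.7 192.0.2.10 25 DENY
10:00:03 203.0.113.7 192.0.2.10 80 ALLOW
10:00:04 203.0.113.7 192.0.2.10 3389 DENY
10:00:09 198.51.100.4 192.0.2.10 443 ALLOW
10:05:00 198.51.100.4 192.0.2.10 80 ALLOW
"""

def to_seconds(hms):
    """Convert HH:MM:SS to seconds since midnight."""
    h, m, s = (int(x) for x in hms.split(":"))
    return h * 3600 + m * 60 + s

def detect_port_scans(log_text, min_ports=5, window_seconds=60):
    """Return {(source, target): sorted ports} for every source that touched
    at least min_ports distinct ports on one target within window_seconds."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        when, src, dst, port, _action = fields
        events[(src, dst)].append((to_seconds(when), int(port)))

    findings = {}
    for pair, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans window_seconds.
            while hits[end][0] - hits[start][0] > window_seconds:
                start += 1
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= min_ports:
                findings[pair] = sorted(ports | set(findings.get(pair, [])))
    return findings
```

On the sample log only 203.0.113.7 is reported; the second source revisits two ordinary web ports and stays under the threshold.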

Attacks

Types of Attacks

  • Active Attacks (Penetration)
    • Denial of Service (DoS)
    • Spoofing Attacks
    • Password Attacks
    • Session Hijacking
    • Breaking into a site
    • Resource Usage
    • Deception
  • Passive Attacks (Monitoring)
    • Sniffing
    • Passwords
    • Network Traffic
    • Sensitive Information

Password Attacks

  • Dictionary Attack
    • Hacker tries all words in dictionary to crack password
    • 70% of the people use dictionary words as passwords
  • Brute Force Attack
    • Try all permutations of the letters & symbols in the alphabet
  • Hybrid Attack
    • Words from dictionary and their variations used in attack
  • Social Engineering
    • People write passwords in different places
    • People disclose passwords naively to others
  • Shoulder Surfing
    • Hackers slyly watch over people’s shoulders to steal passwords
  • Dumpster Diving
    • People dump their trash papers in garbage which may contain information to crack passwords
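
The first three attacks in this list can be turned into a password audit: for each password, ask which attack would recover it most cheaply. The Python below is an added example, not part of the original newsletter; the tiny wordlist, the substitution table and the sample passwords are constructed assumptions.

```python
import math
import re
import string

# Constructed mini wordlist (assumption); a real audit loads a full dictionary.
WORDLIST = {"password", "dragon", "monkey", "sunshine", "welcome"}

# Character swaps that hybrid attacks undo automatically.
LEET = str.maketrans("013457@$", "oleastas")

POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation)

def weakest_attack(password):
    """Name the cheapest attack from the list above that recovers the password."""
    lowered = password.lower()
    if lowered in WORDLIST:
        return "dictionary"
    # Hybrid variations: digits/symbols padded on either end, swapped characters.
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    candidates = {core, core.translate(LEET), lowered.translate(LEET)}
    if candidates & WORDLIST:
        return "hybrid"
    return "brute force"

def brute_force_bits(password):
    """Bits of search space for trying every permutation of the classes used."""
    alphabet = sum(len(pool) for pool in POOLS
                   if any(ch in pool for ch in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def audit(passwords):
    """Map each password to (weakest attack, brute-force bits)."""
    return {p: (weakest_attack(p), round(brute_force_bits(p), 1))
            for p in passwords}

if __name__ == "__main__":
    # Constructed sample passwords.
    samples = ["sunshine", "P@ssw0rd!", "Dragon2024", "xK9#mQ2$vL"]
    for pw, verdict in audit(samples).items():
        print(pw, verdict)
```

A password such as "P@ssw0rd!" scores well on brute-force bits because it mixes four character classes, yet the audit still labels it "hybrid": the length-and-symbols rule alone does not protect a dictionary word.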

Spoofing Attacks

Definition:

An attacker alters his identity so that someone thinks he is someone else

  • Email, User ID, IP Address, …
  • Attacker exploits trust relation between user and networked machines to gain access to machines

Types of Spoofing:

    1. IP Spoofing – Attacker copies the user’s IP and then sends the actual user a DoS attack to eliminate them (they are no longer needed).
    2. Email Spoofing – Attacker sends messages masquerading as someone else.
    3. Web Spoofing – Man-in-the-middle attack, after a node (router) has been compromised.
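
Email spoofing usually leaves traces in the message headers. The Python below is an added example, not part of the original newsletter; it checks a received message for the common indicators, and the sample message and its domains are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message using reserved example domains.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@example.net
To: user@example.org
Subject: Password reset required

Please reset your password.
"""

FAILING = {"fail", "softfail"}

def domain(header_value):
    """Lower-cased domain of the address in a header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoofing_indicators(raw_message):
    """List reasons to doubt that the From address is the real sender."""
    msg = message_from_string(raw_message)
    from_dom = domain(msg["From"])
    findings = []
    # A mismatch is an indicator, not proof: bulk senders often differ too.
    for header in ("Return-Path", "Reply-To"):
        other = domain(msg[header])
        if other and other != from_dom:
            findings.append(
                f"{header} domain {other} differs from From domain {from_dom}")
    # Only trust Authentication-Results added by your own receiving server.
    auth = msg.get("Authentication-Results", "").lower()
    for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth):
        if result in FAILING:
            findings.append(f"{mech.upper()} result is {result}")
    return findings

if __name__ == "__main__":
    for finding in spoofing_indicators(SAMPLE):
        print(finding)
```

In the sample, SPF passes because it only validates the envelope sender at example.net; the DMARC failure is what shows the visible From domain was not authenticated.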

 

We hope you have found this edition of “To The Point” by George Rassidakis to be helpful and informative. Look out for our next installment as we continue to explore unique topics from business to the latest technology.

We want to hear your point! If you have any ideas, suggestions or any questions about our weekly blog, please contact us at: info@pointalliance.com.

Warm regards,

Point Alliance Team